ALT_ECC_SIZE, low visibility but highly useful!

It recently came to our attention that the preprocessor macro ALT_ECC_SIZE was missing in our documentation. As a result we decided to post a blog about this to help inform customers of the value for using this in space constrained devices using the fastmath math library with RSA/DH and ECC in wolfSSL.

ALT_ECC_SIZE:

The fastmath code uses an array of a fixed size to store the big integers. By default, the array is big enough for RSA 2048-keys. The FP_MAX_BITS option can be used to make the array smaller if just using ECC. If using both RSA/DH and ECC, the define ALT_ECC_SIZE provides an alternate smaller size for the ecc_point structure. The size can be manually adjusted using FP_MAX_BITS_ECC, otherwise it will be calculated automatically based on the enabled curves.

Without ALT_ECC_SIZE, the ecc_point has three single item arrays of mp_ints for the components of the point. With ALT_ECC_SIZE, the components of the point are pointers that are set to each of a three item array of alt_fp_ints. While an mp_int will have 4096 bits of digit inside the structure, the alt_fp_int will only have 528 bits. A size value was added in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The functions fp_zero() and fp_copy() use the size parameter. An int needs to be initialized before using it instead of just fp_zeroing it, the init will call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the number of bits used in the alternate FP_INT.

The ALT_ECC_SIZE option can only be enabled with USE_FAST_MATH.

More details can be found in the wolfssl/wolfcrypt/ecc.h file.

If you have any questions, concerns, comments or feedback please contact us anytime at info@wolfssl.com or support@wolfssl.com.